Default variables

Default variables are stored in the directory defaults.

Most of the variables are self-explaining. There are five very important variables cl_handlers, cl_packages, cl_states, cl_services, and cl_files (27-31). These dictionaries, which comprise the configuration data of handlers, packages, services, and files, will be explained in details. By default, these dictionaries are empty.

The best practice is to provide the data either in host_vars and group_vars, or as a files in the directories cl_handlersd_dir, cl_packagesd_dir, cl_statesd_dir, cl_servicesd_dir, and cl_filesd_dir (38-42). Both methods can be applied at the same time. The variables will be assembled and combined by the tasks vars_handlers.yml, vars_packages.yml, vars_states.yml, vars_services.yml, and vars_files.yml. The assembled dictionaries, customized for each host in the play, will be stored in the host-specific files cl_packagesd, cl_statesd, cl_servicesd, and cl_filesd (61-64). The variable cl_handlers is not host-specific because the handlers will be created at the controller (localhost) only. Assembled dictionary cl_handlers will be stored in the file cl_handlersd (60). Take a look at the assembled data in the directory cl_dira (59).

By default, the base of the directories is role_path (37). The user is expected to put the configuration data to a more suitable directory, for example, to playbook_dir directory.

[defaults/main.yml]

---
# defaults for config_light
cl_role_version: 2.8.3

cl_setup: true                # Import tasks/setup.yml
cl_install: true              # Install packages or ports
cl_debug: false               # Display debug output
cl_backup: false              # Backup files
cl_copyfile_delete: false     # Delete dest then copy samples and defaults
cl_template_delete: false     # Delete dest then create from templates

# Sanity
cl_sanity: true               # Import tasks/sanity.yml
cl_sanity_quiet: true         # Module assert, parameter quiet
cl_sanity_collections: false  # Test required collections
cl_sanity_modules_pkg: true   # Test modules in cl_packages are supported
cl_sanity_yamllint: false     # Test yamllint is installed

# Supported
cl_supported_linux_family: [Debian, RedHat]
cl_supported_modules_pkg: [apt, package, pkgng, snap, yum]

# Required collections
cl_collections: [ansible.posix, community.general, vbotka.freebsd]

# Combine assembled data with these variables
cl_handlers: {}
cl_packages: {}
cl_services: {}
cl_files: {}
cl_states: {}

# Assemble data from these directories
# cl_dird_owner: root        # no default
# cl_dird_group: adm         # no default
cl_dird_dmode: "0775" # default very permissive, restrict if necessary
cl_dird: "{{ role_path }}/files"
cl_handlersd_dir: "{{ cl_dird }}/handlers.d"
cl_packagesd_dir: "{{ cl_dird }}/packages.d"
cl_servicesd_dir: "{{ cl_dird }}/services.d"
cl_filesd_dir: "{{ cl_dird }}/files.d"
cl_statesd_dir: "{{ cl_dird }}/states.d"

# Lint
cl_yamllint: yamllint
cl_yamllint_rules:
  extends: default
  rules:
    line-length:
      level: warning
cl_assemble_validate: "{{ cl_yamllint }} -d '{{ cl_yamllint_rules | to_json }}' %s"
cl_handlers_validate: "{{ cl_yamllint }} -d '{{ cl_yamllint_rules | to_json }}' %s"

# Assemble inventory_hostname data into these files
# cl_dira_owner: root        # no default
# cl_dira_group: adm         # no default
cl_dira_dmode: "0775" # default very permissive, restrict if necessary
cl_dira_fmode: "0664" # default very permissive, restrict if necessary
cl_dira: "{{ cl_dird }}/assemble"
cl_handlersd: "{{ cl_dira }}/handlersd" # localhost; not inventory_hostname specific
cl_packagesd: "{{ cl_dira }}/packagesd.{{ inventory_hostname }}"
cl_servicesd: "{{ cl_dira }}/servicesd.{{ inventory_hostname }}"
cl_filesd: "{{ cl_dira }}/filesd.{{ inventory_hostname }}"
cl_statesd: "{{ cl_dira }}/statesd.{{ inventory_hostname }}"
cl_assemble_regexp: ^(.*)[^~]$ # Any string but terminated by ~
# Delete packagesd, servicesd, filesd, and statesd before assembling
cl_all_delete: false # Delete packagesd, servicesd, filesd, and statesd
cl_packagesd_delete: false # Delete packagesd
cl_servicesd_delete: false # Delete servicesd
cl_filesd_delete: false # Delete filesd
cl_statesd_delete: false # Delete statesd

# Role handlers directory
# cl_handlers_dir_owner: admin   # no default
# cl_handlers_dir_group: admin   # no default
# cl_handlers_dir_dmode: '0775'  # no default
# cl_handlers_main_mode: '0644'  # no default
cl_handlers_delete_all: false
cl_handlers_delete: false
cl_handlers_create: true
cl_handlers_dir_become: false

# Snap
cl_snap_paths:
  - /usr/local/sbin
  - /usr/local/bin
  - /usr/sbin
  - /usr/bin
  - /sbin
  - /bin
# - /snap/bin
cl_snap_patterns:
  - snap

# States
cl_states_unmount: [absent, unmounted]
cl_states_mount: [present, mounted, remounted]
cl_states_file: [absent, directory, file, hard, link, touch]

# Files
cl_files_collections:
  copy: ansible.builtin
  template: ansible.builtin
  markers: ansible.builtin
  create-backup: ansible.builtin
  patch: ansible.posix
  lineinfile: ansible.builtin
  blockinfile: ansible.builtin
  inifile: ansible.builtin
  ucl: vbotka.freebsd
  sysrc: community.general
  delete-backup: ansible.builtin
cl_files_order: "{{ cl_files_collections |
                    dict2items |
                    selectattr('value', 'in', ['ansible.builtin'] + cl_collections) |
                    map(attribute='key') }}"

# OS common
install_retries: 10
install_delay: 5

# FreeBSD
freebsd_install_method: packages
# freebsd_install_method: ports
freebsd_use_packages: true

# rc.conf and rc.conf.d
cl_rcconfd: false
cl_rcconfd_dir: /etc/rc.conf.d
cl_rcconfd_path:
  default: "{{ cl_rcconfd_dir }}/{{ _service }}"
cl_rcconf_rcvar:
  default: "{{ _service }}_enable"
  devfs: devfs_load_rulesets

# EOF

Warning

The defaults of the variables cl_dird_dmode (36), cl_dira_dmode (57) and cl_dira_fmode (58) to access the configuration data and the assembled dictionaries are very permissive. Restrict the permissions if these dictionaries might comprise classified data.